LDAP authentication for webdirect is setup the same way it's setup for regular filemaker pro users logging in.
You must have gotten "right in" because nobody applied any security settings.
The KB article has the details about setting up LDAP authentication:
In the meantime, put a password on the admin accounts in all of your files so you're not exposed to insecure logins.
Thank you Mike.